Description:
Sality (N. SALITY or WIN32/SALITY) is a complex virus that interact with Keylogger or backdoor.
Once it was made executed in the system he is installing and run copies for almost all files ( including .jpg,txt,mpeg etc ) keeping the same name of copied files but with a .exe extension.
Sality infects local executable files, deletes files associated with installed security-related software including various antiviruses and firewalls. Then it runs a keylogging module, which collects system and network information, records user login names and passwords, steals sensitive information stored in specific files and finally sends all this data to a predefined e-mail address.
Sality can also open a back door providing the remote attacker with unauthorized access to the compromised computer. The intruder can control the system and steal other user sensitive information
Solution to remove Sality (N. SALITY or WIN32/SALITY)
Please note that the virus can not be removed with a simple antivirus because Sality is instaling in Dos interface.
For removing the virus you must download this zipped package:
N.SALITY REMOVER download
Next step: unzip the package and keep all 3 files in the same directory.
Then run rmsality.exe
... And the sality will be a memorie ...
Leave a comment